92e6532bf7ec1bad5f24a2566867aa6ed6e3b6db1a6010349e30d07e4cec85d2

Analysis

max time kernel
87s
max time network
164s
platform
windows10-2004_x64
resource
win10v2004-20240611-en
resource tags

arch:x64arch:x86image:win10v2004-20240611-enlocale:en-usos:windows10-2004-x64system
submitted
16/06/2024, 11:38 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Rise v6/files/azul-1.8.9_345/bin/api-ms-win-core-fibers-l1-1-0.dll
Size

20KB
MD5

ee3f0d24e7e32e661ac407c60b84b7db
SHA1

09107fb9ace59a1ac3a8b8dbb4ff00b91182929b
SHA256

c86ebc9f48e2db659e80d9c7ad5f29e6b6c850eea58813c041baeff496ae4f18
SHA512

c3fbba7fad4fe03a3a763ad86681655f1bb04d6dd9f64c0083aaa0262ce18f82970365532337825d44ec92b3d79b3212817b25f188537a3771807ad17e7f8d05
SSDEEP

192:bsWBhWxWYnO/VWQ4SWGvYa/uuOiqnajBhda:IWBhWxU6Tillhda

Score

1^/10

Malware Config

Signatures

C:\Windows\system32\rundll32.exe
rundll32.exe "C:\Users\Admin\AppData\Local\Temp\Rise v6\files\azul-1.8.9_345\bin\api-ms-win-core-fibers-l1-1-0.dll",#1
1⤵
PID:748

Network

DNS

g.bing.com

Remote address:

8.8.8.8:53

Request

g.bing.com

IN A

Response

g.bing.com

IN CNAME

g-bing-com.dual-a-0034.a-msedge.net

g-bing-com.dual-a-0034.a-msedge.net

IN CNAME

dual-a-0034.a-msedge.net

dual-a-0034.a-msedge.net

IN A

204.79.197.237

dual-a-0034.a-msedge.net

IN A

13.107.21.237
DNS

74.32.126.40.in-addr.arpa

Remote address:

8.8.8.8:53

Request

74.32.126.40.in-addr.arpa

IN PTR

Response
DNS

237.197.79.204.in-addr.arpa

Remote address:

8.8.8.8:53

Request

237.197.79.204.in-addr.arpa

IN PTR

Response
DNS

240.197.17.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

240.197.17.2.in-addr.arpa

IN PTR

Response

240.197.17.2.in-addr.arpa

IN PTR

a2-17-197-240deploystaticakamaitechnologiescom
DNS

194.61.62.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

194.61.62.23.in-addr.arpa

IN PTR

Response

194.61.62.23.in-addr.arpa

IN PTR

a23-62-61-194deploystaticakamaitechnologiescom
DNS

183.59.114.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

183.59.114.20.in-addr.arpa

IN PTR

Response
DNS

172.210.232.199.in-addr.arpa

Remote address:

8.8.8.8:53

Request

172.210.232.199.in-addr.arpa

IN PTR

Response
DNS

18.31.95.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

18.31.95.13.in-addr.arpa

IN PTR

Response
DNS

172.214.232.199.in-addr.arpa

Remote address:

8.8.8.8:53

Request

172.214.232.199.in-addr.arpa

IN PTR

Response
DNS

200.131.50.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

200.131.50.23.in-addr.arpa

IN PTR

Response

200.131.50.23.in-addr.arpa

IN PTR

a23-50-131-200deploystaticakamaitechnologiescom
DNS

29.243.111.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

29.243.111.52.in-addr.arpa

IN PTR

Response

204.79.197.237:443

g.bing.com

tls

2.5kB
9.0kB
19
17
23.62.61.194:443

www.bing.com

tls

1.5kB
5.4kB
17
12
23.62.61.194:443

www.bing.com

tls

1.7kB
11.2kB
21
16

8.8.8.8:53

g.bing.com

dns

56 B
151 B
1
1

DNS Request

g.bing.com

DNS Response

204.79.197.237

13.107.21.237
8.8.8.8:53

74.32.126.40.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

74.32.126.40.in-addr.arpa
8.8.8.8:53

237.197.79.204.in-addr.arpa

dns

73 B
143 B
1
1

DNS Request

237.197.79.204.in-addr.arpa
8.8.8.8:53

240.197.17.2.in-addr.arpa

dns

71 B
135 B
1
1

DNS Request

240.197.17.2.in-addr.arpa
8.8.8.8:53

194.61.62.23.in-addr.arpa

dns

71 B
135 B
1
1

DNS Request

194.61.62.23.in-addr.arpa
8.8.8.8:53

183.59.114.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

183.59.114.20.in-addr.arpa
8.8.8.8:53

18.31.95.13.in-addr.arpa

dns

70 B
144 B
1
1

DNS Request

18.31.95.13.in-addr.arpa
8.8.8.8:53

172.210.232.199.in-addr.arpa

dns

74 B
128 B
1
1

DNS Request

172.210.232.199.in-addr.arpa
8.8.8.8:53

172.214.232.199.in-addr.arpa

dns

74 B
128 B
1
1

DNS Request

172.214.232.199.in-addr.arpa
8.8.8.8:53

200.131.50.23.in-addr.arpa

dns

72 B
137 B
1
1

DNS Request

200.131.50.23.in-addr.arpa
8.8.8.8:53

29.243.111.52.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

29.243.111.52.in-addr.arpa

Windows 7 deprecation

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

Loading Replay Monitor...

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

We care about your privacy.